One of the key issues facing many organisations revolves around what a risk management framework looks like. ISO 31000 highlights the elements of a risk management framework as shown below: Continue reading
There is considerable confusion in the risk world in relation to terms such as risk appetite, risk tolerance, risk acceptance, risk threshold and risk attitude. These are defined differently by organisations and there is no guidance in ISO31000 that clarifies this, so the confusion becomes a distraction.
No matter what it is called – all organisations need to specify the parameters within which they are going to manage their risks. In order to do this there a number of fundamental questions that you need answered. Continue reading
Often when identifying a risk there is confusion about what should be captured in a risk register. The information actually captured in many organisations’ risk registers makes it very difficult to manage the risks.
There are a number of traps that organisations fall into:
#1 Trap for Players – the Broad Statement Risk Trap Continue reading